Wednesday, June 21, 2017

routing - Machines disregarding default gateway



Our gateway is a router which redirects all browsing traffic to a proxy server (Ubuntu 14.04.3). Proxy server then process and sends the traffic back to the router through a different interface. Proxy is also connected to the LAN .



Some computers in the LAN routes it's traffic directly to 192.168.0.2 which is the proxy server disregarding the default gateway (192.168.0.1) set in the network settigns. This has only identified with computers with static IP's for the moment. DHCP users do not have a problem. What could be the reason for this? How could we avoid this behaviour? Find a basic diagram of the network below.



Diagram



Routing table of a machine with static IP





Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.179 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.0.179 296
169.254.255.255 255.255.255.255 On-link 192.168.0.179 276
192.168.0.0 255.255.255.0 On-link 192.168.0.179 276

192.168.0.179 255.255.255.255 On-link 192.168.0.179 276
192.168.0.255 255.255.255.255 On-link 192.168.0.179 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.179 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306






Persistent Routes:

Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.0.1 Default



Routing table of a DHCP machine




Active Routes:


Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.165 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.165 266
192.168.2.165 255.255.255.255 On-link 192.168.2.165 266
192.168.2.255 255.255.255.255 On-link 192.168.2.165 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.165 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

255.255.255.255 255.255.255.255 On-link 192.168.2.165 266



Answer



We managed to address this issue thanks to the tip given by joeqwerty. We were not using ICMP redirects to redirect the traffic. However both the Proxy server and the Router were sending ICMP redirects to the clients. Since neither of the devices had any use for this behaviour, we disabled ICMP redirects in both the devices and the issue never came back.


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...